Manager - Application Security

Sampoorna Computer People

This job was posted a while ago and may not be active. Nor has it been removed by the recruiter. Please use your discretion.

Function
Software Design & Development

Industry
Banking - Retail

Job Description

Application Security Manager
Qualification & Experience: Bachelor degree in Engineering, or MCA
Security certifications like CISSP/ GWEB
7 years of post-qualification experience in code testing, Application Security design
Job Responsibility
Establish a strong partnership with application development teams to understand business needs and develop appropriate application security controls.
Develop reusable application security patterns, frameworks, and best practices leveraging industry best practices (OWASP, BSIMM, ASVs)
Prepare secure coding guidelines for all applicable areas
Establish secure application development environment by assisting Teams in adopting secure coding best practices.
Help development teams to use security tools for code testing; e. g; static code analysis
Establish validation and metrics that demonstrate application security maturity/ compliance across all three organizations
Help development teams to adopt secure SDLC for all developments
Skill Sets
Experience in the full software-development life cycle.
Experience in ethical hacking.
Well-versed in security protocols as well as in software security techniques;
Strong cryptography skills.
Experience in conducting static code analysis
Experience with malware, intrusion detection and prevention and firewalls.
Threat vector analysis and modeling skills are a plus
Analytical skills and a passion for problem-solving;
Creativity to imagine various attack scenarios and outsmart cybercriminals;
Attention to detail; interpersonal skills and the ability to work as part of a team;
Oral and written communication skills that enable the candidate to break down complex concepts into simpler ideas that nontechnical people can understand;
The ability to make decisions under pressure;
The flexibility to handle a rapidly changing environment, processes, and threats; and
Willingness to learn new tools and techniques on the fly, as change is nonstop in this field.